[concurrency-interest] Question about "happens-before" and reordering

Thomas Hawtin tackline at tackline.plus.com
Fri May 19 05:20:33 EDT 2006


Robert Kuhar wrote:
>   Secure Coding Guidelines:
>     - If finalize method can be overridden, ensure partially initialized 
>       instances are unusable

I think it's a little more subtle than that, particularly prior to 1.6.

>   public class ClassLoader {
>     private boolean initialized = false;

I think the "= false" bit here is misleading. I certainly would not want 
to see "= true" in a similar situation.

>     ClassLoader() {
>       securityCheck(); // can throw an Exception
>       init();
>       initialized = true; // check flag in all relevant methods
>     }
>   }
> 
> I asserted that they had two problems with this code.  As I understand it, the
> runtime is free to reorder the instructions in this constructor.  This means
> that initialized=true may occur before the calls to either securityCheck() or
> init().  If that is the case, its value cannot be trusted as this code stands
> now.

If securityCheck does throw an exception, then the initialized = true 
statement must never be executed. So there is no security problem there.

If securityCheck does not throw, then theoretically you could see a 
non-working, partially-initialised instance. However, that would be your 
own fault.

Tom Hawtin
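The pattern discussed above, worked through as an added example (this is not code from the original post or from the quoted guideline; the class and method names, the "admin"/"guest" policy and the resurrecting subclass are all constructed for the demonstration). It shows the three points of the exchange: within the constructing thread `initialized = true` cannot run once `securityCheck()` throws, so the flag stays at its default of false; a subclass finalizer can still get hold of the partially constructed instance; and the flag check in the public method is what makes that instance unusable. The `volatile` on the flag is an addition, so that a thread that observes `initialized == true` is also guaranteed to see the writes made by `init()`.

```java
import java.util.concurrent.atomic.AtomicReference;

// Added example, not from the original post: the "initialized flag" pattern
// from the quoted guideline, plus a subclass whose finalize() leaks a
// partially constructed instance. All names here are invented for the demo.
public class GuardedResource {
    // No "= false": the field is false by default, and an explicit initializer
    // would wrongly suggest the value is established in the constructor body.
    // volatile is an addition to the quoted code: a thread that reads
    // initialized == true is then also guaranteed to see init()'s writes.
    private volatile boolean initialized;
    private String handle;

    public GuardedResource(String principal) {
        securityCheck(principal); // may throw; the statements below then never run
        init();
        initialized = true;       // checked by every public method
    }

    private static void securityCheck(String principal) {
        // Constructed policy for the demo: only "admin" may create a resource.
        if (!"admin".equals(principal)) {
            throw new SecurityException("access denied for " + principal);
        }
    }

    private void init() {
        handle = "resource-for-admin";
    }

    private void checkInitialized() {
        if (!initialized) {
            throw new IllegalStateException("partially initialized instance");
        }
    }

    public String use() {
        checkInitialized();
        return handle;
    }

    // A subclass that captures the partially constructed instance from
    // finalize(). The exception is thrown in the constructor body, after
    // Object's constructor has completed, so the finalizer is still eligible
    // to run.
    static class Resurrector extends GuardedResource {
        static final AtomicReference<GuardedResource> LEAKED = new AtomicReference<>();

        Resurrector(String principal) {
            super(principal);
        }

        @Override
        @SuppressWarnings({"deprecation", "removal"})
        protected void finalize() {
            LEAKED.set(this); // "this" escapes even though the constructor threw
        }
    }

    public static void main(String[] args) throws Exception {
        try {
            new Resurrector("guest");
        } catch (SecurityException e) {
            System.out.println("constructor rejected: " + e.getMessage());
        }

        // Finalization is best-effort, so poll a few times.
        for (int i = 0; i < 20 && Resurrector.LEAKED.get() == null; i++) {
            System.gc();
            System.runFinalization();
            Thread.sleep(50);
        }

        GuardedResource leaked = Resurrector.LEAKED.get();
        if (leaked == null) {
            System.out.println("finalizer did not run; nothing leaked this time");
            return;
        }
        try {
            leaked.use();
            System.out.println("BUG: partially initialized instance was usable");
        } catch (IllegalStateException e) {
            System.out.println("flag check blocked use: " + e.getMessage());
        }
    }
}
```

Run with `javac GuardedResource.java && java GuardedResource`. Whether the finalizer actually runs is up to the collector, so the program reports when nothing was leaked rather than treating that as a result. Note that the flag only protects a reference that has already escaped; it does not stop the escape itself, and if `init()` itself leaked `this` to another thread, that thread could use the object before `initialized` is set, which is the "your own fault" case in the reply.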

